Privacy Policy
Last updated: 1 March 2026
1. Who we are
AIAuditRef (“we”, “us”, “our”) operates the AIAuditRef.com platform — a compliance reference and tooling service for the EU AI Act and related legislation. We are the data controller for personal data collected through the Platform. For data protection enquiries, contact us at support@aiauditref.com.
2. What personal data we collect
Account data
Name, email address, password (hashed), company name (optional), account creation date. Collected when you create a free or paid account.
Usage data
Tool usage (which tools you use, results generated), AI systems you add to the Deadline Tracker, checklist progress. Used to provide the service and improve tools.
Payment data
Payment processing is handled by Stripe. We store only your Stripe customer ID, subscription status, and purchase records. We do not store card numbers or full payment details.
Email captures
If you provide your email address through the Checklist Builder or newsletter signup (without creating an account), we store your email and the source of capture.
Technical data
Log data including IP address, browser type, pages visited, and timestamps. Collected automatically for security, analytics, and service operation purposes.
3. Legal basis for processing
4. How we use your data
- Providing and operating the AIAuditRef platform and tools
- Processing payments and managing subscriptions via Stripe
- Sending transactional emails (account creation, purchase receipts)
- Sending EU AI Act update newsletters (with your consent)
- Improving tool quality based on aggregate usage analytics
- Preventing fraud and maintaining platform security
- Complying with legal obligations
We do not sell personal data to third parties. We do not use your data for targeted advertising. We do not use your compliance data inputs (AI system descriptions, checklist answers) to train AI models.
5. Data sharing
We share personal data only with the following categories of recipients:
6. Data retention
Account data: Retained while your account is active. Deleted within 30 days of account deletion request.
Purchase records: Retained for 7 years to meet tax/accounting obligations.
Email captures (non-account): Retained until you unsubscribe, then deleted within 30 days.
Technical/log data: Retained for 12 months for security purposes, then automatically deleted.
7. Your rights under GDPR
Right of access (Art. 15)
Request a copy of all personal data we hold about you.
Right to rectification (Art. 16)
Correct inaccurate personal data.
Right to erasure (Art. 17)
Request deletion of your personal data (subject to legal retention requirements).
Right to portability (Art. 20)
Receive your data in a structured, machine-readable format.
Right to object (Art. 21)
Object to processing based on legitimate interests.
Right to withdraw consent
Withdraw marketing consent at any time via unsubscribe link or account settings.
To exercise any of these rights, email support@aiauditref.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.
8. Cookies
We use strictly necessary cookies for session management and authentication. We use analytical cookies (with consent) to understand how the platform is used. You can manage cookie preferences in your browser settings. We do not use advertising or tracking cookies.
9. Changes to this policy
We may update this Privacy Policy periodically. Material changes will be communicated by email to registered users and by notice on the platform. Continued use of the platform after changes constitutes acceptance of the updated policy.
10. Contact
Data protection enquiries: support@aiauditref.com
General support: support@aiauditref.com